machine_setup/nix/kubernetes

• To-do
  • Perhaps use overlay for /etc for speedup
  • read https://nixos.org/manual/nixos/stable/
  • Performance for mini pc
• Bootstrap
  • Install cilium

To-do

Perhaps use overlay for /etc for speedup

  system.etc.overlay.enable = true;

read https://nixos.org/manual/nixos/stable/

Performance for mini pc

  security.pam.loginLimits = [
    { domain = "@users"; item = "rtprio"; type = "-"; value = 1; }
  ];

Bootstrap

Install cilium

  helm repo add cilium https://helm.cilium.io/
  helm template --dry-run=server cilium cilium/cilium --version 1.18.4 --namespace kube-system \
       --set kubeProxyReplacement=true \
       --set k8sServiceHost="2620:11f:7001:7:ffff:ffff:ad7:1dd" \
       --set k8sServicePort=6443 \
       --set ipv6.enabled=true

  kubectl -n kube-system exec ds/cilium -- cilium-dbg status --verbose
  kubectl -n kube-system exec ds/cilium -- cilium-dbg status | grep KubeProxyReplacement

  #      --set hostFirewall.enabled=true
  # routingMode=native